Introducing BinSkim

BinSkim
BinSkim

BinSkim is a binary static analysis tool that scans Windows Portable Executable (PE) files for security and correctness.  Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the Windows Platform. Some of these mitigations ensure the binary has: SafeSEH enabled for safe…

0

Automating Secure Development Lifecycle Checks in TypeScript with TSLint

TypeScript
TypeScript

This is a guest post by Hamlet D’Arcy from Microsoft’s Social Engagement team.  Last year he noticed that while Microsoft had tooling to do static analysis for JavaScript our tooling approach for TypeScript was sub-optimal.  He and a couple of his colleagues took it upon themselves to create security checks for TypeScript using the TSLint…

0

Roslyn Diagnostics Security Analyzers Overview

roslyn
roslyn

Roslyn diagnostic analyzers utilize the power of Roslyn open-source C# and Visual Basic (VB) compilers to help you write more robust and secure code through rich code analysis and detailed issue explanation. In this blog post, we’ll cover some of the basics to get you started on using the security specific set of analyzers for…

19

Welcome to Secure Development at Microsoft Blog

Scanshield
Scanshield

Welcome to Secure Development at Microsoft, a blog created for us to share new security tools, services, open source projects and best development practices with you in order to instill a security mindset across the development community as a whole and enable cross collaboration among its members. With this blog, our engineers at Microsoft hope to…

2